Cyber Security Strategy and Assessment Model

What Is It?

A Cyber Security Management Framework which draws on industry standards such as ISO 27001, NIST 800-61 and ACSC ISM and is used to provide Senior Management with a simple and quantified review of Cyber Security Maturity. It allows concise reporting up to Boards and Risk Committees, including risks a actions

A lack of awareness of risks exposing continued business operations
Incomplete reporting of cyber resilience and exposure of IT risks to the Executive and Board
Inability to appropriately attest to cyber security compliance obligations
Inappropriate coverage of cyber insurance and ill-prepared Business Continuity Plans (BCP)
Lack of benchmarking and cyber security roadmap to guide investment and future actions

A lack of awareness of risks exposing continued business operations
Incomplete reporting of cyber resilience and exposure of IT risks to the Executive and Board
Inability to appropriately attest to cyber security compliance obligations
Inappropriate coverage of cyber insurance and ill-prepared Business Continuity Plans (BCP)
Lack of benchmarking and cyber security roadmap to guide investment and future actions

Provides line of sight to Cyber Security metrics, allowing organisations to make informed decisions on Information Security investments
Allows Risk Committees to better understand and quantify Cyber Security risks and better manage and mitigate them
Helps Business protect their most valuable assets by providing a method to help focus business priorities
Helps IT departments better articulate Cyber Security Risks and Issues to Senior/Executive Management and help define next best steps
Increased protection of organisational systems and data from damage and loss